From: Qu Wenruo <quwenruo.btrfs@gmx.com>
To: Nikolay Borisov <nborisov@suse.com>,
Chris Murphy <lists@colorremedies.com>,
Btrfs BTRFS <linux-btrfs@vger.kernel.org>
Cc: Qu Wenruo <wqu@suse.com>
Subject: Re: 5.14.9 aarch64 OOPS Workqueue: btrfs-delalloc btrfs_work_helper
Date: Tue, 12 Oct 2021 14:47:23 +0800
Message-ID: <debf9d63-0068-84db-dcd4-1d923742f989@gmx.com>
In-Reply-To: <da57d024-e125-bcea-7ac3-4e596e5341a2@suse.com>

On 2021/10/12 13:25, Nikolay Borisov wrote:
>
>
> On 12.10.21 г. 3:59, Chris Murphy wrote:
>> Linux version 5.14.9-300.fc35.aarch64 Fedora-Cloud-Base-35-20211004.n.0.aarch64
>> [ 2164.477113] Unable to handle kernel paging request at virtual
>> address fffffffffffffdd0
>> [ 2164.483166] Mem abort info:
>> [ 2164.485300] ESR = 0x96000004
>> [ 2164.487824] EC = 0x25: DABT (current EL), IL = 32 bits
>> [ 2164.493361] SET = 0, FnV = 0
>> [ 2164.496336] EA = 0, S1PTW = 0
>> [ 2164.498762] FSC = 0x04: level 0 translation fault
>> [ 2164.503031] Data abort info:
>> [ 2164.509584] ISV = 0, ISS = 0x00000004
>> [ 2164.516918] CM = 0, WnR = 0
>> [ 2164.523438] swapper pgtable: 4k pages, 48-bit VAs, pgdp=0000000158751000
>> [ 2164.533628] [fffffffffffffdd0] pgd=0000000000000000, p4d=0000000000000000
>> [ 2164.543741] Internal error: Oops: 96000004 [#1] SMP
>> [ 2164.551652] Modules linked in: virtio_gpu virtio_dma_buf
>> drm_kms_helper cec fb_sys_fops syscopyarea sysfillrect sysimgblt
>> joydev virtio_net virtio_balloon net_failover failover vfat fat drm
>> fuse zram ip_tables crct10dif_ce ghash_ce virtio_blk qemu_fw_cfg
>> virtio_mmio aes_neon_bs
>> [ 2164.583368] CPU: 2 PID: 8910 Comm: kworker/u8:3 Not tainted
>> 5.14.9-300.fc35.aarch64 #1
>> [ 2164.593732] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015
>> [ 2164.603204] Workqueue: btrfs-delalloc btrfs_work_helper
>> [ 2164.611402] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO BTYPE=--)
>> [ 2164.620165] pc : submit_compressed_extents+0x38/0x3d0
>
> Qu isn't this the subpage bug you narrowed down a couple of days ago ?
Not exactly.

The bug I pinned down is inside my refactored LZO code, not the
generic part, and my refactored code is not yet merged.

Chris, mind sharing the code context of the stack?

A quick glance into the code shows it could be some use-after-free bug,
where btrfs_debug() is referring to some member of a freed async_extent
structure.

Thanks,
Qu
>
>> [ 2164.628056] lr : async_cow_submit+0x50/0xd0
>> [ 2164.635258] sp : ffff800010bfbc20
>> [ 2164.642585] x29: ffff800010bfbc30 x28: 0000000000000000 x27: ffffdf2b47b11000
>> [ 2164.652135] x26: fffffffffffffdd0 x25: dead000000000100 x24: ffff00014152d608
>> [ 2164.661614] x23: 0000000000000000 x22: 0000000000000000 x21: ffff0000c6106980
>> [ 2164.670886] x20: ffff0000c55e2000 x19: 0000000000000001 x18: ffff0000d3f00bd4
>> [ 2164.680050] x17: ffff00016f467ff8 x16: 0000000000000006 x15: 72a308ccefd184e0
>> [ 2164.689179] x14: 5378ed9c2ad24340 x13: 0000000000000020 x12: ffff0001fefa68c0
>> [ 2164.698178] x11: ffffdf2b47b2b500 x10: 0000000000000000 x9 : ffffdf2b462f2b70
>> [ 2164.707265] x8 : ffff20d6b742d000 x7 : ffff800010bfbbe0 x6 : ffffdf2b4805ad40
>> [ 2164.716368] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff0000c61069a0
>> [ 2164.725454] x2 : 0000000000000000 x1 : ffff00014152d630 x0 : ffff00014152d630
>> [ 2164.734445] Call trace:
>> [ 2164.739675] submit_compressed_extents+0x38/0x3d0
>> [ 2164.746728] async_cow_submit+0x50/0xd0
>> [ 2164.752980] run_ordered_work+0xc8/0x280
>> [ 2164.759248] btrfs_work_helper+0x98/0x250
>> [ 2164.765449] process_one_work+0x1f0/0x4ac
>> [ 2164.771558] worker_thread+0x188/0x504
>> [ 2164.777395] kthread+0x110/0x114
>> [ 2164.782791] ret_from_fork+0x10/0x18
>> [ 2164.788343] Code: a9056bf9 f8428437 f9401400 d108c2fa (f9400356)
>> [ 2164.795833] ---[ end trace e44350b86ce16830 ]---
>>
>>
>> Downstream bug report has been proposed as a btrfs release blocking bug.
>> https://bugzilla.redhat.com/show_bug.cgi?id=2011928
>>
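
A triage sketch for the oops quoted in this message, added here as an example; it is not part of the original e-mail and not btrfs code. It parses the register dump and the Code: line, decodes the faulting instruction and the one before it, and checks that they account for the faulting address. The function names are hypothetical, only the two A64 encodings that occur at the fault are decoded, and treating a register whose top 16 bits are 0xdead as a poison-pointer pattern is an assumption of the sketch.

```python
import re

# Lines copied from the oops quoted above (wrapped first line re-joined) so this runs offline.
OOPS = """\
[ 2164.477113] Unable to handle kernel paging request at virtual address fffffffffffffdd0
[ 2164.652135] x26: fffffffffffffdd0 x25: dead000000000100 x24: ffff00014152d608
[ 2164.661614] x23: 0000000000000000 x22: 0000000000000000 x21: ffff0000c6106980
[ 2164.788343] Code: a9056bf9 f8428437 f9401400 d108c2fa (f9400356)
"""
MASK = (1 << 64) - 1

def parse_oops(text):
    """Return (fault address, {reg: value}, code words, index of the faulting word)."""
    fault = int(re.search(r"virtual\s+address ([0-9a-f]{16})", text).group(1), 16)
    regs = {f"x{n}": int(v, 16) for n, v in re.findall(r"\bx(\d+)\s*: ([0-9a-f]{16})", text)}
    words = re.search(r"Code: (.*)", text).group(1).split()
    pc_idx = next(i for i, w in enumerate(words) if w.startswith("("))  # "(...)" marks the pc
    return fault, regs, [int(w.strip("()"), 16) for w in words], pc_idx

def decode(word):
    """Decode only the two A64 encodings needed here; None for anything else."""
    rd, rn, imm12 = word & 31, (word >> 5) & 31, (word >> 10) & 0xFFF
    if word & 0xFFC00000 == 0xF9400000:   # LDR Xt, [Xn, #imm12*8]
        return ("ldr", rd, rn, imm12 * 8)
    if word & 0xFF800000 == 0xD1000000:   # SUB Xd, Xn, #imm12 (optionally LSL #12)
        return ("sub", rd, rn, imm12 << (12 if word & (1 << 22) else 0))
    return None

def triage(text):
    """Explain the faulting address from the registers and the two decoded instructions."""
    fault, regs, code, pc_idx = parse_oops(text)
    findings = []
    op = decode(code[pc_idx])
    if op and op[0] == "ldr" and f"x{op[2]}" in regs:
        _, _, rn, off = op
        base = regs[f"x{rn}"]
        if (base + off) & MASK == fault:
            findings.append(f"faulting load reads [x{rn}+{off:#x}]")
        prev = decode(code[pc_idx - 1]) if pc_idx else None
        if prev and prev[0] == "sub" and prev[1] == rn and f"x{prev[2]}" in regs:
            src = regs[f"x{prev[2]}"]
            if (src - prev[3]) & MASK == base:
                findings.append(f"x{rn} = x{prev[2]} ({src:#x}) - {prev[3]:#x}")
    # Assumption: top 16 bits 0xdead are taken as a kernel poison-pointer pattern.
    findings += [f"{r} holds poison-pattern value {v:#x}" for r, v in regs.items() if v >> 48 == 0xDEAD]
    return findings

if __name__ == "__main__":
    print("\n".join(triage(OOPS)))
```

On this oops the faulting address is x23 (zero) minus 0x230, the result a fixed member-offset subtraction gives when the pointer it starts from is NULL, and x25 holds a 0xdead... value.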